📧 Google phishing scam: If you get an email saying there’s a legal subpoena tied to your Google account, don’t panic and don’t click. It’ll send you to a fake support page to steal your login info. Google says they’re working on a fix. Imagine getting sued by Fake Google, and losing.
5 text scams going around right now
It’s not just clingy exes popping into your messages out of the blue. Scammers are ramping up phony texts across the country. You can make the texts stop (more below). Here are the latest ones making the rounds and the red flags to watch for:
🚨 Fake missed toll or parking ticket
The FTC just warned about this one. You get a text claiming you have unpaid tolls or a parking ticket and must pay immediately to avoid late fees or legal trouble. The link takes you to a fake payment site that steals your credit card or driver’s license info.
💰 Nonexistent tax rebate
Scammers love free money, yours, that is. After the IRS announced stimulus payments for 2 million people in December, crooks started blasting texts saying you’re owed a $1,400 rebate. The link? A phishing site set up to steal your personal details or install malware on your phone.
👋 “Oops, wrong number!”
This one plays on human kindness. It starts with a vague message like, “Hey, is this Jessica?” or “Oops, wrong number!” If you respond, they’ll keep chatting, slowly steering the conversation toward a scam investment, a fake emergency or a malware-infected website.
📱“Suspicious activity” on your Apple ID
Scammers are texting about “suspicious activity” on your Apple ID, urging you to call a fake support line. Once they have you, they’ll try to steal your personal info or even take control of your phone to install spyware.
📫 USPS “delivery issues”
If you get a text about a “delivery issue” or needing to “confirm your address,” don’t fall for it. Scammers are sending fake USPS messages with links that steal your personal info. USPS never asks for sensitive details over text.
How to shut scammers down
82%
K-12 schools hit by cybercriminals from July 2023 to December 2024. That’s over 9,300 incidents. Most happened when staff fell for phishing scams. But they didn’t just lose data. Some attacks forced schools to close and affected meals and special education services.
🛡️ Google scrambles to fix Gmail phishing mess: I told you about this on Saturday, but it’s still going in full force. Don’t fall for spoofed emails claiming your Gmail account is about to be closed down. These are passing Gmail’s scam filters, slipping into inboxes looking squeaky-clean. You know it’s bad when the scammer gets better deliverability than your friend’s birthday email.
💍 Diamonds aren’t forever: What if a mystery red box with a diamond ring arrived in your mail? Ask Tiffany Grove. She got one from the “Global Gemological Research Academy,” did some digging and realized it was a scam. It came with a QR code for a “warranty” that leads to a phishing site. Apparently, the only gem they’re offering is emotional damage. Don’t scan it, just report it.
🚨 It’s not from Apple: There’s a phishing text going around that claims your Apple ID was used to approve a transaction, usually with a dollar amount included. Don’t click the link or call the number. Real Apple account alerts come through iOS push notifications or official emails, never texts.
⚠️ Your browser is a big honkin’ target: Reading this on Chrome? Hackers are sending phishing links via email that infect your system with malware as soon as you click. A fix is coming soon, so restart your browser when you see the update icon near the URL bar. Sigh, just one more reason you need solid antivirus protection.
One of the worst phishing scams: It’s coming for Mac owners, with hackers trying to steal your Apple ID. While you’re browsing in Safari, a fake pop-up appears pretending to be a security alert. What makes it extra sneaky? The page you’re on actually freezes, making it feel like your computer’s locked up. If it happens, don’t click anything. Just restart your browser.
🫨 Gone phishing: If you use Gmail or Outlook, watch out for deceptive emails asking for sensitive info or trying to trick you into clicking a malicious link that takes over your computer. Make a mistake and the hackers will hold your PC or data hostage until you pay a ransom. This one’s spreading, so watch out!
📨 Inbox under attack: Beware if you use Microsoft 365. Hackers are putting phishing links in emails sent from Microsoft addresses. Yep, even those from “.onmicrosoft.com” can be fake. This is getting around security checks. Be extra careful about clicking on links. Search the email address in your inbox to see if it’s familiar.
Scammers pretending to be the IRS: They’re sending out phishing texts claiming you’re eligible for a $1,400 Economic Impact Payment. The message includes a link that looks like the IRS website, but it’s a trick to steal your personal info or install malware. Remember, the IRS never contacts taxpayers by text — official notices always come by postal mail.
📱 Ring, ring, it’s not IT: If you get a call from your help desk or IT asking for a password reset, check if it’s legit. Scammers are getting good at tricking people over the phone to sneak into their systems. CrowdStrike found voice vishing scams (that’s voice phishing) jumped 442% last year.
🚨 PayPal alert: A new phishing email from “service@paypal.com” claiming a new address was added to your account is making the rounds. It says you bought a MacBook M4 or another pricey item. They’re trying to scare you to call the number in the email. Don’t.
📅 Don’t RSVP: If you get a random Google Calendar invite, don’t click on any links. Scammers are tricking folks with Gmail accounts into sharing their personal info through a fake support page. Legit invites come from calendar-notification@google.com. Report phishing: Hit the three-dot icon in the right-hand corner.
🎣 Gone phishing: I’ve done this with my team. It’s just smart. More companies are phishing their own employees to see how easily they fall for scams. Some are scary, like fake Ebola outbreaks, and others are just plain mean, like a “lost puppy” in the parking lot (paywall link). A weak link can cost you your entire company, so you need to know who needs cybersecurity training.
📦 Don’t scan it: Watch your porch or mailbox for a fake UPS delivery notice or InfoNotice. Yep, they’re the ones that say “Sorry we missed you,” but the fakes have a shady QR code. Scan that code and you’ll land on a phishing site. Someone on Reddit got one claiming they owed $81.45, and it came with a handwritten note from the “driver” asking them to “please pay online.” If you have delivery issues, go straight to ups.com/track.
Even the pros get targeted: An engineer almost fell for a next-level Google phishing scam after a call from “Google” claiming his account was under attack. When he asked for proof, they sent an email from “important.g.co” — a legit Google-owned domain. He still didn’t buy it. PSA: Google will never call you to tell you your account is in jeopardy.
Phishing scams are getting amped up: No more copy and paste. Criminals are using AI to scrape up tons of detail and then write in the style of specific people or companies. Corporate execs and employees are getting emails with info only the sender would know, like just how they sound (paywall link) — yet another reason to wipe your info off the web.
🚨 Heads-up, drivers: Scammers are sending fake phishing texts claiming you need to pay your FasTrak bill to avoid late fees or you’ll be in big legal trouble. Don’t fall for it! It’s a ploy to trick you into clicking a bogus link to steal your personal info and drain your wallet.
2.5 billion Gmail users
Are at risk of hijacking. In the last half of the year, credential theft soared 700%, and phishing attempts to break into email accounts spiked 200%. Promise me you’re not using your email password for any other accounts!